\relax 
\@writefile{toc}{\contentsline {section}{\numberline {1}Introduction}{1}}
\citation{Chen:EECS-2010-5}
\citation{cnss:glossary}
\citation{openstack:cactus}
\@writefile{lof}{\contentsline {figure}{\numberline {1}{\ignorespaces Lab setup}}{3}}
\newlabel{figure:LabDetail}{{1}{3}}
\citation{openstack-wiki:ArchitecturalOverview}
\citation{openstack-wiki:MultiClusterZones}
\@writefile{lof}{\contentsline {figure}{\numberline {2}{\ignorespaces Nova components and their interaction\cite  {openstack-wiki:ArchitecturalOverview} }}{4}}
\newlabel{figure:nova-overview2}{{2}{4}}
\@writefile{lof}{\contentsline {figure}{\numberline {3}{\ignorespaces OpenStack Compute basic architecture \cite  {openstack-wiki:MultiClusterZones}}}{4}}
\newlabel{figure:NovaComponents_Arch}{{3}{4}}
\citation{SP800-61Rev.1}
\citation{TaheriMonfared:monitoring}
\@writefile{toc}{\contentsline {section}{\numberline {2}Incident handling \textbf  { Change the title}}{5}}
\@writefile{toc}{\contentsline {subsection}{\numberline {2.1}Detection and Analysis of the compromised component}{5}}
\@writefile{toc}{\contentsline {subsubsection}{\numberline {2.1.1}Cloud providers' requirements}{5}}
\citation{amazon:vulnerability-reporting}
\citation{sans:following_incidents}
\@writefile{toc}{\contentsline {subsubsection}{\numberline {2.1.2}Cloud consumers' requirements}{7}}
\citation{sp800-30}
\@writefile{toc}{\contentsline {subsection}{\numberline {2.2}Containment of the compromised component \textbf  {(Rename)}}{8}}
\citation{aryan:mthesis}
\@writefile{toc}{\contentsline {subsection}{\numberline {2.3}Case studies}{9}}
\@writefile{toc}{\contentsline {subsubsection}{\numberline {2.3.1}Case One: A Compromised Compute Worker}{9}}
\newlabel{containment:malicious code:isolating host}{{2.3.1}{9}}
\@writefile{lof}{\contentsline {figure}{\numberline {4}{\ignorespaces Case One - The nova-compute service in the OpenStack-4 host is compromised.}}{10}}
\newlabel{figure:LabAbstract-Case1}{{4}{10}}
\@writefile{lot}{\contentsline {table}{\numberline {1}{\ignorespaces Case One - A compromised compute worker scenario specifications}}{10}}
\newlabel{table:case one}{{1}{10}}
\newlabel{containment:malicious code:blocking host}{{2.3.1}{11}}
\@writefile{lof}{\contentsline {figure}{\numberline {5}{\ignorespaces Blocking compromised compute communication. Red lightening represent disconnected communications.}}{12}}
\newlabel{figure:ComputeContainment}{{5}{12}}
\newlabel{containment:malicious code:disabling services}{{2.3.1}{12}}
\@writefile{lof}{\contentsline {figure}{\numberline {6}{\ignorespaces OpenStack Nova services dependencies.}}{13}}
\newlabel{figure:ServiceDependencies}{{6}{13}}
\@writefile{lof}{\contentsline {figure}{\numberline {7}{\ignorespaces Stopping the compute service at the compromised host.}}{14}}
\newlabel{figure:ComputeContainment2}{{7}{14}}
\@writefile{lof}{\contentsline {figure}{\numberline {8}{\ignorespaces Discarding messages to/from the compromised node.}}{14}}
\newlabel{figure:ComputeContainment3}{{8}{14}}
\@writefile{lot}{\contentsline {table}{\numberline {2}{\ignorespaces Containment Strategies}}{14}}
\newlabel{table:Containment Strategies}{{2}{14}}
\@writefile{lot}{\contentsline {table}{\numberline {3}{\ignorespaces Case Two - A bogus component scenario specifications}}{17}}
\newlabel{table:case two}{{3}{17}}
\@writefile{lof}{\contentsline {figure}{\numberline {9}{\ignorespaces Case Two - A physical bogus compute worker node is added to the infrastructure.}}{17}}
\newlabel{figure:LabAbstract-Case2}{{9}{17}}
\@writefile{toc}{\contentsline {subsubsection}{\numberline {2.3.2}Case Two: A bogus component}{17}}
\@writefile{lof}{\contentsline {figure}{\numberline {10}{\ignorespaces Case Two - A virtual bogus compute worker is added as a consumer's instance.}}{18}}
\newlabel{figure:LabAbstract-Case2-Instance}{{10}{18}}
\citation{rabbitmq:ssl}
\citation{rabbitmq:auth}
\@writefile{toc}{\contentsline {section}{\numberline {3}Approaches}{20}}
\@writefile{toc}{\contentsline {subsection}{\numberline {3.1}Restricting infected components}{20}}
\@writefile{toc}{\contentsline {subsubsection}{\numberline {3.1.1}Filtering in the messaging server (cloud controller)}{20}}
\citation{4228359}
\citation{Jokela:2009:LLS:1592568.1592592}
\@writefile{toc}{\contentsline {paragraph}{Advantages}{21}}
\@writefile{toc}{\contentsline {paragraph}{Disadvantages}{21}}
\citation{rabbitmq:admin-guide}
\citation{amqp0-8}
\citation{rabbitmq:introduction}
\@writefile{toc}{\contentsline {paragraph}{Realization}{22}}
\@writefile{lof}{\contentsline {figure}{\numberline {11}{\ignorespaces RabbitMQ Connections}}{23}}
\newlabel{figure:RabbitMQConnections}{{11}{23}}
\@writefile{lof}{\contentsline {figure}{\numberline {12}{\ignorespaces Unbinding a queue from an exchange using the Queues Management page of the RabbitMQ}}{23}}
\newlabel{figure:RabbitMQUnbindingExchange}{{12}{23}}
\citation{rabbitmq:introduction}
\@writefile{lof}{\contentsline {figure}{\numberline {13}{\ignorespaces Overview of RabbitMQ messaging server and applicable containment approaches. }}{24}}
\newlabel{figure:RabbitMQInternal}{{13}{24}}
\@writefile{toc}{\contentsline {subsubsection}{\numberline {3.1.2}Filtering in each component}{24}}
\@writefile{toc}{\contentsline {paragraph}{Advantages}{25}}
\@writefile{toc}{\contentsline {paragraph}{Disadvantages}{25}}
\@writefile{toc}{\contentsline {paragraph}{Realization}{25}}
\@writefile{toc}{\contentsline {subsubsection}{\numberline {3.1.3}Disabling services}{26}}
\@writefile{toc}{\contentsline {paragraph}{Disabling an infected service}{26}}
\@writefile{toc}{\contentsline {paragraph}{Disabling a communicator service}{27}}
\@writefile{toc}{\contentsline {subsubsection}{\numberline {3.1.4}Removing instances from the project VLAN}{28}}
\@writefile{toc}{\contentsline {subsubsection}{\numberline {3.1.5}Disabling live migration}{28}}
\citation{libvirt}
\citation{garfinkel:vmi}
\@writefile{toc}{\contentsline {subsubsection}{\numberline {3.1.6}Quarantining instances}{29}}
\citation{vTPM}
\citation{Santos09towardstrusted}
\citation{TVDc}
\@writefile{toc}{\contentsline {subsection}{\numberline {3.2}Replicating services}{30}}
\citation{5678134}
\@writefile{toc}{\contentsline {subsubsection}{\numberline {3.2.1}Replicate services on physical machines}{31}}
\@writefile{toc}{\contentsline {subsubsection}{\numberline {3.2.2}Replicate services on virtual machines}{31}}
\@writefile{toc}{\contentsline {subsection}{\numberline {3.3}Disinfecting infected components}{31}}
\citation{puppet}
\@writefile{toc}{\contentsline {subsection}{\numberline {3.4}Migrating instances}{32}}
\@writefile{toc}{\contentsline {subsection}{\numberline {3.5}Node authentication}{32}}
\@writefile{lof}{\contentsline {figure}{\numberline {14}{\ignorespaces A sample markov model for trust states of a component.}}{33}}
\newlabel{figure:TrustMarkov1}{{14}{33}}
\@writefile{toc}{\contentsline {subsection}{\numberline {3.6}Policies}{33}}
\@writefile{toc}{\contentsline {subsubsection}{\numberline {3.6.1}No new worker policy}{33}}
\@writefile{toc}{\contentsline {subsubsection}{\numberline {3.6.2}Trust levels and timeouts}{33}}
\citation{welsh:cloud-research}
\citation{opencirrus}
\citation{google:Exacycle}
\citation{aws:grants}
\@writefile{lof}{\contentsline {figure}{\numberline {15}{\ignorespaces A sample markov model for transitions between different trust levels of a component.}}{34}}
\newlabel{figure:TrustMarkov2}{{15}{34}}
\@writefile{toc}{\contentsline {subsubsection}{\numberline {3.6.3}Manual confirmation}{34}}
\@writefile{toc}{\contentsline {section}{\numberline {4}Conclusion}{34}}
\bibstyle{bmc_article}
\bibdata{bmc_article}
\bibcite{Chen:EECS-2010-5}{1}
\bibcite{cnss:glossary}{2}
\bibcite{openstack:cactus}{3}
\bibcite{openstack-wiki:ArchitecturalOverview}{4}
\bibcite{openstack-wiki:MultiClusterZones}{5}
\bibcite{SP800-61Rev.1}{6}
\bibcite{TaheriMonfared:monitoring}{7}
\bibcite{amazon:vulnerability-reporting}{8}
\bibcite{sans:following_incidents}{9}
\bibcite{sp800-30}{10}
\bibcite{aryan:mthesis}{11}
\bibcite{rabbitmq:ssl}{12}
\bibcite{rabbitmq:auth}{13}
\bibcite{4228359}{14}
\bibcite{Jokela:2009:LLS:1592568.1592592}{15}
\bibcite{rabbitmq:admin-guide}{16}
\bibcite{amqp0-8}{17}
\bibcite{rabbitmq:introduction}{18}
\bibcite{libvirt}{19}
\bibcite{garfinkel:vmi}{20}
\bibcite{vTPM}{21}
\bibcite{Santos09towardstrusted}{22}
\bibcite{TVDc}{23}
\bibcite{5678134}{24}
\bibcite{puppet}{25}
\bibcite{welsh:cloud-research}{26}
\bibcite{opencirrus}{27}
\bibcite{google:Exacycle}{28}
\bibcite{aws:grants}{29}
